Facebook Acting in Violation of European Data Laws

Apr 21, 2015

Considering it’s size, you would presume that Facebook would be subject, and adhere, to European data laws. However, as a result of Facebook’s (seemingly) unnecessarily complicated privacy policies and its continuous tracking of users, even when they are unaware of violating certain data laws that are in force in Europe.

It is also interesting that these accusations have come about just months after Facebook updated their policies and terms and conditions with the supposed aim of making it more straightforward for users to control how their personal data is used on the social media platform.

A recent report, carried out on behalf of the Belgian Privacy Commission, said that the research “indicates [that] Facebook is acting in violation of European law”. The main reason Facebook is accused of doing so is because of the lack of sufficient control its users have over Facebook monitoring their use and tracking their location for advertising purposes. In fact, almost all of data collected for this is done so, without users even realising, and the report suggests that the main reason for this lack of awareness is that users must specifically opt out of being tracked, rather than knowingly consent.

In fact, it is this ‘opt out only’ system that means Facebook does not fully meet requirements for legally valid consent, as most users are completely unaware.

According to the report, ‘To be valid, consent must be “freely given”, “specific”, “informed” and “unambiguous”.’ which suggests that Facebook’s way of operating is not valid and that ‘it is highly questionable whether Facebook’s current approach satisfies these requirements.’

It is also interesting that, even when users think something is useful because it allows inter-platform sharing (for example, the way in which Facebook uses data from Instagram and WhatsApp) can also breach privacy and data laws in Europe. This is because it forms a more complete idea of each user that can be used for a number of different purposes, without specifically asking for their permission to do so.

The report criticised Facebook for its limited offering of control for users, and said that Facebook was guilty of ‘leveraging its dominant position’, taking advantage of its users’ naivety that effectively trick users into agreeing unreasonable conditions. Facebook was also criticised for making certain content available for those who did know they could opt out. This means that they could miss out on content that they could access elsewhere simply because they are exercising their own privacy rights.

Other ways in which the report suggested Facebook falls short of meeting current European data laws is that users can only delete content that they have posted themselves and is only really relevant to their own profiles. This means that they could be subject to offensive content that they have no control over.

The real message to take from this report is that, just because a company is well-known and, generally, well-respected, it can’t necessarily be trusted to be operating completely legally. Ensure that you are fully aware of any data sharing that you have or have not consented to when operating both personal and business Facebook pages to avoid sharing more information that you desire.